1. Field of the Invention
This invention relates generally to network communication systems. In particular, this invention relates to protecting the identity of the users of a network system.
2. Related Art
As global computer networks, such as the Internet, continue to grow globally at a rapid pace, an increasing number of people and businesses from around the world are accessing these networks for both business and personal activities. As a result, networks such as the Internet have become a virtual community where people communicate with each other by sending and receiving electronic, voice and image messages for both business and pleasure. These communications may include sharing ideas and information, sending personal and business messages back and forth, researching information, expressing opinions and ideas both personal and political, and conducting business negotiations and transactions (generally known as “electronic commerce” or “e-commerce”). In response to this new electronic activity, businesses and certain individuals attempt to identify and track individual Internet users for numerous purposes, including but not limited to, advertising, market research, customizing information for Internet sites (i.e., “websites”), snooping and eavesdropping on communications, as well as fraud and other malicious activities. Many of these attempts may constitute threats to the individual privacy of users of these networks because they attempt to gain personal information about the user and the user's activities online (generally referred to as “online activities”), often without the user's consent or knowledge.
These threats acquire information about the user by logging or tracking a user's Internet Protocol (“IP”) address (the electronic address that specifically identifies a user's computer to the network) or by installing programs or files on the user's computer such as “cookies,” ActiveX™ applications, JavaScript™ files, spyware, or hostile programs such as viruses. These threats allow an outside user, be it a business or an individual entity, to perform such tasks as identifying the user, obtaining the user's personal information that is stored on his/her computer (including names, addresses, private financial files, and/or other confidential, private and/or sensitive information), as well as tracking the user's activities on the Internet, including recording every website visited or every e-mail sent or received by the user. Malicious programs such as viruses may also be installed on the user's computer that can modify, erase or destroy the user's operating system or personal files.
Unfortunately, many people that utilize the Internet do not understand how networks such as the Internet function nor do they generally appreciate the number and types of threats that they may experience once they connect (i.e., “log-on”) to the Internet. With respect to the threat of an outside user acquiring information about the user by logging or tracking the user's IP address, this threat arises because when the user surfs the Internet, his computer may make a direct, unprotected and unsecure connection to the server where the requested information is stored. For that server to send Web content back to the user, it must know the user's computer's IP address. Once an IP address is obtained by an outside user, that IP address can be used to obtain additional information such as the user's domain name, the part of the world the user is located in, the name of the user's Internet Service Provider (“ISP”), and additional details about the user's corporate network.
Obtaining this additional information may be referred to, in general, as “Internet Counter-Intelligence.” Possible risks associated with Internet Counter-Intelligence techniques directed against the user may include possible exposure of the user's operations, future development plans or intentions, unintentional exposure of confidential client information or research, as well as subjecting the user to an influx of spam e-mail or hacker attacks initiated by automated counter-probes. In addition, the outside user may alter the content returned to the user based on the user's IP address, providing different, even misleading, content to the user based on the geographical source of the query.
Enterprise Web administrators have a number of analytical tools at their disposal that give them the ability to not only detect and analyze inbound traffic to their websites, but also to perform many of these Internet Counter Intelligence techniques. These tools are commonly referred to in the Information Technology (“IT”) industry as “Web Analytics.” Web Analytics employs tools and services that can gather user data from the Web server logs or collect it directly from the users' browsers. These services are particularly adept at providing a global view of visitor activity on multiple enterprise sites. Performing Web Analytics makes it possible to track visitor activity, including the geographic locations of visitors to a website. The addition of a browser plug-in gives these Web administrators the ability to see link and element viewer activity when visitors view individual Web pages on their sites. Web Analytics can also analyze the surfing behavior of visitors to a website, tracking the pages within the site that are most frequently accessed, and the files that are downloaded. The result of the information that is collected is provided in the form of tables, charts, and graphs. It is this aspect of the functionality of Web Analytics that can identify specific IP addresses and domain names, which in turn can be used to prevent access from locations that are deemed a competitive threat.
Past approaches at protecting users connected to the Internet include using “firewalls” to block certain types of threats, virus protection programs for detecting malicious programs, and spyware and cookie-file-removal software. These approaches, however, do not protect a user's identity; nor do they protect against malicious users intercepting data between the client and the server because these approaches may attempt to disinfect a user from intruders after the fact. Approaches in the past at protecting the user's identity have included allowing a user to connect to an intermediate server (sometimes referred to as a “proxy server”) connected to the Internet that extracted off the user's IP information and substituted in its place the IP address of the intermediate server, thus creating an anonymous user that could then continue to surf the Net without worrying that his IP information would be used to identify him.
These past approaches do not protect a user's identity as soon as the user connects to the Internet because connected websites are able to read and identify the user's IP address among other things. A need therefore exists to protect the identity of the user immediately upon connecting to the Internet (i.e., known as “surfing the web” or “surfing the Net”). Thus there is a need for a privacy management approach that solves the problems recited above and allows Internet users to easily maintain their privacy.